Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3200
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an affich_message action.
Easy-script Avlc Forum
1 EDB exploit
NA
CVE-2008-3033
RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote malicious users to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafra...
Rss Aggregator Rss Aggregator 1.0
1 EDB exploit
NA
CVE-2008-7167
Unrestricted file upload vulnerability in upload.php in Page Manager 2006-02-04 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Sami Ekblad Page Manager 2006-02-04
1 EDB exploit
NA
CVE-2008-5636
SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Lovedesigner Lito Lite Cms Nil
1 EDB exploit
NA
CVE-2008-5677
Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and previous versions, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it...
Kwalbum Kwalbum 0.9.3
Kwalbum Kwalbum 0.9.2
Kwalbum Kwalbum 0.6.15
Kwalbum Kwalbum 0.6.14
Kwalbum Kwalbum 0.6.7
Kwalbum Kwalbum 0.6.6
Kwalbum Kwalbum 0.5.9
Kwalbum Kwalbum 0.5.8
Kwalbum Kwalbum 2.0.1
Kwalbum Kwalbum 2.0
Kwalbum Kwalbum 0.8.0
Kwalbum Kwalbum 0.7.1
Kwalbum Kwalbum 0.6.11
Kwalbum Kwalbum 0.6.10
Kwalbum Kwalbum 0.6.0
Kwalbum Kwalbum 0.5.12
Kwalbum Kwalbum 0.5.4
Kwalbum Kwalbum 0.5.3
Kwalbum Kwalbum 2.0.4
Kwalbum Kwalbum
Kwalbum Kwalbum 0.9.1
Kwalbum Kwalbum 0.9.0
1 EDB exploit
NA
CVE-2008-5954
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this infor...
Ktp Computer Customer Database Ktp Computer Customer Database Nil
1 EDB exploit
NA
CVE-2008-5956
Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request to connect.inc.
Phpstreet Webboard 1.0
1 EDB exploit
NA
CVE-2006-3151
Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the menu parameter.
Associated Associated Cms 1.1.3
Associated Associated Cms 1.2.0
1 EDB exploit
NA
CVE-2013-4952
SQL injection vulnerability in functions/global.php in Elemata CMS RC 3.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Elemata Elemata Cms 3.0
1 EDB exploit
NA
CVE-2008-6193
Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information.
Myblog Myblog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »